<%@ page language="java" import="java.util.*,java.sql.*" pageEncoding="UTF-8"%>
<%
// Build the absolute base URL (scheme://host:port/context/) emitted by the <base href> tag below.
// NOTE(review): getServerName() normally reflects the client-supplied Host header, and basePath is
// written into the page unescaped. Confirm that the container or a front proxy restricts accepted hosts.
String path = request.getContextPath();
StringBuilder baseUrlBuilder = new StringBuilder();
baseUrlBuilder.append(request.getScheme()).append("://");
baseUrlBuilder.append(request.getServerName()).append(":").append(request.getServerPort());
baseUrlBuilder.append(path).append("/");
String basePath = baseUrlBuilder.toString();
%>
<!-- 
功能介绍：用户登录数据验证

 -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<%@ include file="/files/db/conn.jsp"%>
<%
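	// Validate the submitted login against t_user and, on success, populate the session.
	// Outcomes: redirect to index.jsp on success, login.jsp?info=0 when password/role do not match,
	// login.jsp?info=1 when no such account exists (or no username was submitted).
	// NOTE(review): the two info codes let a caller tell existing accounts from unknown ones;
	// consider collapsing them once login.jsp no longer depends on the distinction.
	// NOTE(review): the stored password column is compared directly with the submitted value,
	// which suggests passwords are kept unhashed. Migrate to a salted password hash (bcrypt/scrypt/argon2).

	// Read the account name, password and role sent by the login form.
	String username = request.getParameter("username");
	String password = request.getParameter("password");
	String role = request.getParameter("role");
	PreparedStatement userQuery = null;
	ResultSet rs = null;
	try {
		if (username == null) {
			// Missing parameter: treat as an unknown account instead of failing on trim().
			response.sendRedirect("../../login.jsp?info=1");
		} else {
			// Bind the username as a parameter so request data is never parsed as SQL.
			userQuery = conn.prepareStatement("select * from t_user where username=?");
			userQuery.setString(1, username.trim());
			rs = userQuery.executeQuery();
			if (rs.next()) {
				String storedPassword = rs.getString("password");
				String storedRole = rs.getString("role");
				// Null-safe on both sides: a missing form field or a NULL column never matches.
				boolean credentialsMatch = password != null && password.equals(storedPassword)
						&& role != null && role.equals(storedRole);
				if (credentialsMatch) { // credentials verified
					String realname = rs.getString("realname");
					String id = rs.getString("id");
					String departmentid = rs.getString("departmentid");
					// Start a fresh session before storing identity, so a session id that existed
					// before authentication is not carried over into the logged-in state.
					session.invalidate();
					request.getSession(true).setAttribute("username", username);
					request.getSession().setAttribute("realname", realname);
					request.getSession().setAttribute("role", storedRole);
					request.getSession().setAttribute("id", id);
					request.getSession().setAttribute("departmentid", departmentid);
					response.sendRedirect("../../index.jsp");
				} else { // wrong password or role: back to the login page
					response.sendRedirect("../../login.jsp?info=0");
				}
			} else { // no such account: back to the login page
				response.sendRedirect("../../login.jsp?info=1");
			}
		}
	} catch (Exception e) {
		// Keep driver/SQL error text out of the response; record it server-side only.
		application.log("login validation failed", e);
		if (!response.isCommitted()) {
			response.sendError(500); // generic internal-server-error status, no details
		}
	} finally {
		// Release JDBC resources; stmt and conn are declared outside this scriptlet
		// (presumably by the included /files/db/conn.jsp).
		if (rs != null) {
			try {
				rs.close();
			} catch (Exception e) {
				application.log("closing login ResultSet failed", e);
			}
		}
		if (userQuery != null) {
			try {
				userQuery.close();
			} catch (Exception e) {
				application.log("closing login PreparedStatement failed", e);
			}
		}
		if (stmt != null) {
			try {
				stmt.close();
			} catch (Exception e) {
				application.log("closing login Statement failed", e);
			}
		}
		if (conn != null) {
			try {
				conn.close();
			} catch (Exception e) {
				application.log("closing login Connection failed", e);
			}
		}
	}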
	
	
	
%>
